[JSF] How to control scheme with commandLink/Button tags?
Hi, I've a problem using JSF/Shale on Sun AS 9.0.1 when deployed behind an SSL accelerator in production. Because secure requests get to the app server unencrypted, I am unable to use regular declarative security user-data-constraint/transport-guarantee/CONFIDENTIAL in web.xml, or it gets in an infinite loop redirecting to https... Anyway, so in the meantime, I'd just like to control the schemes on my links and action post, but JSF doesn't seem to support it! commandLink/Buttons don't seem to allow you to change scheme. If you put a full URL in the action, it fails to find the full URL w/ scheme in the faces-config.xml... Is this a Glassfish bug or a JSF oversight? Or am I missing some other way to programmatically control the scheme of a JSF command? I'd appreciate any workaround idea the community would be willing to share. :) Thank you,
Re: [JSF] How to control scheme with commandLink/Button tags?
From: Cyril Bouteille [EMAIL PROTECTED] Hi, I've a problem using JSF/Shale on Sun AS 9.0.1 when deployed behind an SSL accelerator in production. Because secure requests get to the app server unencrypted, I am unable to use regular declarative security user-data-constraint/transport-guarantee/CONFIDENTIAL in web.xml, or it gets in an infinite loop redirecting to https... Anyway, so in the meantime, I'd just like to control the schemes on my links and action post, but JSF doesn't seem to support it! s don't seem to allow you to change scheme. If you put a full URL in the action, it fails to find the full URL w/ scheme in the faces-config.xml... Is this a Glassfish bug or a JSF oversight? Or am I missing some other way to programmatically control the scheme of a JSF command? I'd appreciate any workaround idea the community would be willing to share. :) What part of shale are you using (view controller, dialog manager, remoting). Are you using one of the shale example applications? What does your naviation rule look like in the faces-config.xml acting for the commandLink/Button. Thank you, Gary
Re: [JSF] How to control scheme with commandLink/Button tags?
On 1/19/07, Cyril Bouteille [EMAIL PROTECTED] wrote: Hi, I've a problem using JSF/Shale on Sun AS 9.0.1 when deployed behind an SSL accelerator in production. Because secure requests get to the app server unencrypted, I am unable to use regular declarative security user-data-constraint/transport-guarantee/CONFIDENTIAL in web.xml, or it gets in an infinite loop redirecting to https... If your accellerator sends the request in on the http port, that is definitely not going to work ... but why do you need a security constraint to enforce this? It seems like something you could do with firewall rules. Anyway, so in the meantime, I'd just like to control the schemes on my links and action post, but JSF doesn't seem to support it! commandLink/Buttons don't seem to allow you to change scheme. If you put a full URL in the action, it fails to find the full URL w/ scheme in the faces-config.xml... Is this a Glassfish bug or a JSF oversight? When you submit a form, JSF is using HTTP POST requests back to the URL of the original page URL, which means you cannot change modes. You'll need to do a redirect to an appropriate URL to do that. Or am I missing some other way to programmatically control the scheme of a JSF command? I'd appreciate any workaround idea the community would be willing to share. :) Thank you, Craig
Re: [JSF] How to control scheme with commandLink/Button tags?
From: Cyril Bouteille [EMAIL PROTECTED] Hi Craig, My understanding is that declarative web.xml security rules is the official way to control the protocol scheme with JSF (since I'm unable to specify it w/ JSF tags). Sprinkling redirects all over our code and pages to correct the protocol scheme is rather ugly... I wish there was just a way to specify the POST scheme with JSF commandLink/Button tags. As a wrapper around Servlet API, I'd expect to have at least access to the same functionality. Is this a JSF architecture decision resulting from technical difficulties allowing the scheme to switch on the command submission? The h:form component renderer calls the view handler to create the action URL. There are a couple extension points here. You could plug in your own ViewHandler and override the get ActionURL [1] method or you could create your own form renderer [2]. [1] http://svn.apache.org/viewvc/myfaces/core/trunk/impl/src/main/java/org/apache/myfaces/application/jsp/JspViewHandlerImpl.java?view=markup [2]http://svn.apache.org/viewvc/myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/renderkit/html/HtmlFormRendererBase.java?view=markup Craig McClanahan wrote: On 1/19/07, Cyril Bouteille wrote: Hi, I've a problem using JSF/Shale on Sun AS 9.0.1 when deployed behind an SSL accelerator in production. Because secure requests get to the app server unencrypted, I am unable to use regular declarative security user-data-constraint/transport-guarantee/CONFIDENTIAL in web.xml, or it gets in an infinite loop redirecting to https... If your accellerator sends the request in on the http port, that is definitely not going to work ... but why do you need a security constraint to enforce this? It seems like something you could do with firewall rules. Anyway, so in the meantime, I'd just like to control the schemes on my links and action post, but JSF doesn't seem to support it! s don't seem to allow you to change scheme. If you put a full URL in the action, it fails to find the full URL w/ scheme in the faces-config.xml... Is this a Glassfish bug or a JSF oversight? When you submit a form, JSF is using HTTP POST requests back to the URL of the original page URL, which means you cannot change modes. You'll need to do a redirect to an appropriate URL to do that. Or am I missing some other way to programmatically control the scheme of a JSF command? I'd appreciate any workaround idea the community would be willing to share. :) Thank you, Craig
Re: [JSF] How to control scheme with commandLink/Button tags?
On 1/19/07, Cyril Bouteille [EMAIL PROTECTED] wrote: Hi Craig, My understanding is that declarative web.xml security rules is the official way to control the protocol scheme with JSF (since I'm unable to specify it w/ JSF tags). That's true ... but you are violating the assumptions of the way that these constraints were originally designed when you send a secure request to the insecure port :-). Sprinkling redirects all over our code and pages to correct the protocol scheme is rather ugly... I wish there was just a way to specify the POST scheme with JSF commandLink/Button tags. As a wrapper around Servlet API, I'd expect to have at least access to the same functionality. Is this a JSF architecture decision resulting from technical difficulties allowing the scheme to switch on the command submission? It's actually just a use case we didn't consider at all. It would be good to provide feedback to the JSF spec folks that this is an important issue to address in a future JSF spec version. There are feedback links at the public java.net project for the spec https://javaserverfaces-spec-public.dev.java.net. Craig Craig McClanahan wrote: On 1/19/07, Cyril Bouteille [EMAIL PROTECTED] wrote: Hi, I've a problem using JSF/Shale on Sun AS 9.0.1 when deployed behind an SSL accelerator in production. Because secure requests get to the app server unencrypted, I am unable to use regular declarative security user-data-constraint/transport-guarantee/CONFIDENTIAL in web.xml, or it gets in an infinite loop redirecting to https... If your accellerator sends the request in on the http port, that is definitely not going to work ... but why do you need a security constraint to enforce this? It seems like something you could do with firewall rules. Anyway, so in the meantime, I'd just like to control the schemes on my links and action post, but JSF doesn't seem to support it! commandLink/Buttons don't seem to allow you to change scheme. If you put a full URL in the action, it fails to find the full URL w/ scheme in the faces-config.xml... Is this a Glassfish bug or a JSF oversight? When you submit a form, JSF is using HTTP POST requests back to the URL of the original page URL, which means you cannot change modes. You'll need to do a redirect to an appropriate URL to do that. Or am I missing some other way to programmatically control the scheme of a JSF command? I'd appreciate any workaround idea the community would be willing to share. :) Thank you, Craig